Please submit only technical tips that will help other TidBITS readers better use their Macs, iPhones, iPads, and related software and hardware. All product announcements should be sent to releases@tidbits.com.

Tip title*

Your tip*

URL

Enter the URL to a Web page that supports your tip.

Linked text

Enter the name of the page linked above.

Your name*

Your email*

* indicates required fields

To help us avoid automated posts and spam, please enter the words below.

When you submit a tip, you give us permission to use it. Read our terms for more details. All submissions are reviewed before publication.

Our terms: By submitting a tip, you agree to assign TidBITS Publishing Inc., a non-exclusive, worldwide, perpetual license to reproduce, publish, and distribute your tip in connection with the TidBITS Web site and associated products in any media. You agree that you created the content you submitted, and that you have the right to assign us this license. You give us permission to use your name, but your email address won't be publicly displayed or shared. We review all submissions before publication, and reserve the right to select which submissions we feel are appropriate for our readers and to edit those we publish.

Our terms: We reserve the right to edit or delete any comment, so please post thoughtfully. We use your email address only to send you a one-time verification message confirming that you posted this comment. We also store your address to allow you to verify using other Web browsers in the future. For more info, see our privacy policy.

Show Recent Items in Snow Leopard

The Recent Items submenu in the Apple menu is handy, but what if you want to work with a file in there in the Finder, rather than open it? Just press Command when that menu is showing, and all the Applications and Documents change to "Show ... in Finder." This feature is new as of Mac OS X 10.6.3 Snow Leopard.

TidBITS Watchlist: Notable Software Updates for 21 June 2010

Waveboard 1.1 -- Dirk Holtwick's Google Wave client Waveboard for the Mac has made some changes to its browsing engine to work with Safari 5. These changes, introduced in version 1.1, include exchanging support for 32-bit mode with support for 64-bit mode (Safari 5 is incompatible with Google Wave under the former). This in turn also means that the Google Gears plug-in, which requires 32-bit mode, is no longer supported by Waveboard - though Google itself is dropping support for the plug-in as HTML5 features become more common in browsers. Forthcoming changes are expected to include support for custom domains and the capability to host multiple accounts; to get
these updates automatically, users can turn on "Include beta releases" under Preferences. To learn more about Waveboard, see "Catch a Google Wave with Waveboard" (30 October 2009). (Free/€12 new, Standard/Pro, 1.9 MB)

DEVONthink and DEVONnote 2.0.3 -- DEVONtechnologies has released significant updates to its document and information management programs DEVONnote and DEVONthink (which comes in three varieties: Personal, Professional, and Pro Office). Changes in both programs include the capability to drag and drop multiple email messages into a database, support for printing to PDF, and the capability to install and use folder action scripts. The updates also add support for importing bookmarks from the forthcoming DEVONagent 2.5, preferences for Mac OS X 10.6's
Data Detectors, the capability to merge multiple groups/tags, and support for smart copy and paste. Changes specific to DEVONthink 2.0 Pro Office include the added capability to store thumbnails for bookmarks and a new advanced search setting that enables users to use smart-group search criteria in the search window. A lengthy list of changes, including many minor bug fixes, for both DEVONthink and DEVONnote, is available on the DEVONtechnologies Web site. (Pricing varies, 17.8/10.9 MB)

Cocktail 4.7.5 -- Maintain has released a minor update to its general-purpose maintenance utility Cocktail. Version 4.7.5 adds support for the recently released Mac OS X 10.6.4, improves the Internet cache-clearing capabilities, and adds support for the latest versions of Safari, Chrome, Opera, and OmniWeb. The update also enhances its protection against the HellRTS and OpinionSpy trojan horses, updates the list of Automator actions, and refreshes the Help section. ($14.95, free update, 2.0 MB)

PopChar X 5.0 -- Ergonis Software has released a noteworthy update to PopChar X, the long-standing tool for finding and inserting special characters anywhere you can type text. Version 5.0 adds the long-requested feature of being able to collect frequently used characters together in a Favorites group that remains visible at the top of the character table. The update also adds a new customizable hotkey for opening and closing the PopChar window, improves the menu attached to the status item in the menu bar, and enhances the scrolling speed and display of the character window. The update also fixes a handful of bugs, including one that caused the Mac OS
X font manager to crash PopChar, one that caused the program to hang while updating font collections, and one that prevented text from being entered into the license key field. The full list of changes is available on Ergonis Software's Web site. (€29.99 new, free update for purchases made in the last 2 years, 2.1 MB)

Coda 1.6.11 -- Panic has released a maintenance update to the Web site development tool Coda. Version 1.6.11 enhances compatibility with Safari 5 by fixing the Web Inspector and removing cross site scripting warnings when working with remote JavaScript. The update also adds support for importing favorites from Panic's FTP/SFTP client Transmit 4, enables highlighting of CSS 3 properties, and corrects the behavior of the Find Wildcard command when capture groups is off. Release notes are available. ($99 new, free update, 20 MB)

Several vulnerabilities stem from CUPS (Mac OS X's printing system), including one that would enable an attacker to change CUPS settings were an administrator to visit a maliciously crafted Web site, one that could enable an attacker to issue a denial of service through a malicious get-printer-jobs request, and one that could enable an attacker with access to the CUPS Web interface to read a limited amount of memory from the cupsd process.

Also, the handling of TIFF and MPEG2 encoded files has been improved to avoid arbitrary code execution and program crashes, a problem in iChat that could enable an attacker to upload files to arbitrary locations has been fixed, and an issue that could cause data loss from unmounting maliciously crafted disk images or remote shares has been addressed. Other vulnerabilities that have been targeted relate to Mac OS X's handling of symlinks, Ruby, the SMB file server, and - in Mac OS X Server - SquirrelMail and Wiki Server.

It's worth noting that these updates include Flash Player 10.0.45.2, an outdated version that is vulnerable to security threats. Thus, if you have not yet installed Flash Player 10.1.53.64, you should do so manually after installing this update (see "Adobe Flash Player 10.1.53.64 Blocks 32 Security Holes," 11 June 2010). Fortunately, it appears that the security update does not overwrite the latest Flash Player should you have already installed it.

The full list of changes provided by the security updates is available on Apple's Web site. The updates are available via Software Update and the Apple Support Downloads page. (Free for both Mac OS X 10.5 Leopard and Leopard Server, 222/380.29 MB)